January 31, 2006 (4:09 AM PST) -- Insecure.Org is pleased to announce the immediate, free availability of the Nmap Security Scanner version 4.00 from http://nmap.org/.


Nmap ("Network Mapper") is an free open source utility for network exploration, administration, and security auditing. It uses IP packets in novel ways to determine which hosts are available online (host discovery), which TCP/UDP ports are open (port scanning), and what applications and services are listening on each port (version detection). It can also identify remote host OS and device types via TCP/IP fingerprinting. Nmap offers flexible target and port specifications, decoy/stealth scanning for firewall and IDS evasion, and highly optimized timing algorithms for fast scanning. Nmap runs on all popular operating systems, including Linux, Windows, Mac OS X, FreeBSD, Solaris, and OpenBSD. Download command-line or graphical versions of Nmap and its documentation from Insecure.Org.

Nmap has been named "Security Product of the Year" by Linux Journal, Info World, LinuxQuestions.Org, and Codetalker Digest. It has also been praised by Wired, Information Security, BBC, Network World, Slashdot, 2600, SANS, Info World, Microsoft, Google, Computer World, Sun World, Phrack, and more. At least three movies have featured Nmap, including Battle Royale ( [Screen1] [Screen2] [Trivia]), HaXXXor Vol. 1, and some science fiction flick. Walmart is currently selling an Nmap hacker chair.

As free software, we don't have any sort of advertising budget. So pleasse spread the word that Nmap 4 is now available!


Nmap has undergone many substantial changes since our last major release (3.50 in February 2004) and we recommend that all current users upgrade. Here are the most important improvements made in the 36 intermediate releases since 3.50 (See the ChangeLog for a much more detailed list):


With this stable version out of the way, we plan to dive headfirst into the next development cycle. Many exciting features are in the queue, including a next-generation OS detection system. We also plan to launch the 2006 Nmap User Survey in February, to learn what features you want most. For the latest news, consider joining the 32,000-member low-traffic moderated Nmap-hackers list. Subscribe at http://cgi.insecure.org/mailman/listinfo/nmap-hackers, or you can read the archives at seclists.org. You can subscribe to the (high traffic) development list at http://cgi.insecure.org/mailman/listinfo/nmap-dev.


Nmap is available for download from http://nmap.org/ for most platforms in source and binary form. Nmap is free, open source software (license).

Direct questions or comments to fyodor@insecure.org . Report any bugs as described at http://nmap.org/book/man-bugs.html


A popular open source security scanner recently went proprietary, complaining that their community never contributes much. We are sorry to hear that, but happy to report that the Nmap community is as vibrant and productive as ever! We would like to acknowledge and thank the many people who contributed ideas and/or code to this release (since 3.50). Special thanks go out to Adam Kerrison, Adam Morgan, Adriano Monteiro Marques, Alan Bishoff, Alan William Somers, Albert Chin, Allison Randal, Alok Tangoankar, Amy Hennings, Anders Thulin, Andreia Gaita, Andy Lutomirski, Annalee Newitz, Arturo Buanzo Busleiman, Bart Dopheide, Beirne Konarski, Ben Harris, Bill Dale, Bill Petersen, Bill Pollock, Bo Jiang, Brian Hatch, Chad Loder, Chris Gibson, Christophe, Craig Humphrey, Curtis Doty, Dana Epp, Dirk Mueller, Doug Hoyte, Dragos Ruiu, Dug Song, Duilio J. Protti, Eric S. Raymond, Felix Gröbert, Florian Ebner, Fyodor Yarochkin, Ganga Bhavani, Gisle Vanem, Glyn Geoghegan, Greg A. Woods, Greg Darke, Greg Taleck, Gwenole Beauchesne, HD Moore, Jedi/Sector One, Jeff Nathan, Jesse Burns, Jim Carras, Jim Harrison, Jonathan Dieter, José Domingos, Justin Cranford, Justin M Cacak, Krok, KX, Lamont Jones, Lance Spitzner, Laurent Estieux, Lionel Cons, Lucien Raven, MadHat, Marius Strobl, Mark-David McLaughlin, Mark Ruef, Martin Macok, Matthieu Verbert, Matt Selsky, Max Schubert, Meethune Bhowmick, Mephisto, Mike Basinger, Mike Hatz, Murphy, Netris, Okan Demirmen, Ole Morten Grodaas, Oliver Eikemeier, Pascal Trouvin, Paul Tarjan, Petr Salinger, Petter Reinholdtsen, pijn trein, Ping Huang, Piotr Sobolewski, Priit Laes, Princess Nadia, Raven Alder, Richard Birkett, Richard Moore, Robert E. Lee, Rob Foehl, Ronak Sutaria, Royce Williams, Ruediger Rissmann, Saint Xavier, Saravanan, Scott Mansfield, Sebastian Wolfgarten, Seth Master, Shahid Khan, Simon Burr, Simple Nomad, Sina Bahram, Solar Designer, Srivatsan, Stephane Loeuillet, Stephen Bishop, Steve Christensen, Steve Martin, Thorsten Holz, Tom Duffy, Tom Rune Flo, Tom Sellers, Tony Golding, van Hauser, vlad902, William McVey, Zapphire, and Zhao Lei.

And of course we would also like to thank the thousands of people who have submitted OS and service/version fingerprints, as well as everyone who has found and reported bugs or suggested features.

For further information, see http://insecure.org/.